The goal of the connectbyname library is to simplify application code to set up a TLS connection when given a DNS name and a port.

The library takes care of resolving A and AAAA addresses, Happy Eyeballs, and DANE validation.

Together with changes to Stubby, the library also provides control over connections to upstream DNS resolvers, for example, whether encryption is mandatory or not.

The code consists of a series of prototypes, each more complex than the one before. The most resent one is 'proto9'. This last prototype depends on an experimental branch of getdns.

Feature List

  • Support for Happy Eyeballs
  • DANE authentication
  • Selecting DNS upstreams (DNS over port 53, DNS over TLS, DNS over HTTPS)
  • Limited support for SVCB/HTTPS